Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 17 Dec 2017 15:49:15 -0500
From:      Dan Langille <dan@langille.org>
To:        Kostik Belousov <kostikbel@gmail.com>
Cc:        freebsd-current@freebsd.org
Subject:   Re: cannot access pass device from within jail
Message-ID:  <FBBB5B72-1823-494D-B1CA-3256F1C88D90@langille.org>
In-Reply-To: <20171217203734.GA2272@kib.kiev.ua>
References:  <E1314554-C8D0-4E8F-B8DB-E0B4D9DE325F@langille.org> <20171217203734.GA2272@kib.kiev.ua>
next in thread | previous in thread | raw e-mail | index | archive | help 
> On Dec 17, 2017, at 3:37 PM, Konstantin Belousov <kostikbel@gmail.com> =
wrote:
>=20
> On Sun, Dec 17, 2017 at 02:52:12PM -0500, Dan Langille wrote:
>> Hello,
>>=20
>> What suggestions do you have for where I should look next? I'm happy =
to start installing various builds of FreeBSD in order to track down =
which commit caused this.
>>=20
>> I'm trying to access a tape library from within a jail running on a =
FreeBSD 11.1 host.  sa(4) devices are working (e.g. I can rewind nsa0).
>>=20
>> pass(4) devices (i.e. the tape changer ch0) are not working.  This =
morning I posted to -scsi@: =
https://lists.freebsd.org/pipermail/freebsd-scsi/2017-December/007608.html=

>>=20
>> The device appears in the jail and has appropriate permissions.  This =
access was granted
>> via /etc/devfs.rules using the same approach I used for FreeBSD 10.3
>>=20
>> The permissions in the jail:
>>=20
>> [root@bacula-sd-02 ~]# ls -l /dev/pass7
>> crw-------  1 root  operator  0x74 Dec 16 21:52 /dev/pass7
>>=20
>> The command in the jail:
>>=20
>> [root@bacula-sd-02 ~]# mtx -f /dev/pass7 status=20
>> cannot open SCSI device '/dev/pass7' - Operation not permitted
>>=20
>> Here is the truss output of the command in question: =
https://gist.github.com/dlangille/b80ee804b8080e1cbf5b5ab67f0bdabe
>=20
> Does it work to access the pass device from host using host' /dev ?

Yes, it does. see "This command on the host" at =
https://lists.freebsd.org/pipermail/freebsd-scsi/2017-December/007610.html=


> Same question for the host access using the nodes of the jailed devfs =
mount.

I didn't try that, but I will soon. To be clear, does this command on =
the host look like what you have in mind?

mtx -f /usr/jails/bacula-sd-02/dev/pass7 status=20


--=20
Dan Langille - BSDCan / PGCon
dan@langille.org

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?FBBB5B72-1823-494D-B1CA-3256F1C88D90>